4 matches found
CVE-2023-46729
sentry-javascript provides Sentry SDKs for JavaScript. An unsanitized input of Next.js SDK tunnel endpoint allows sending HTTP requests to arbitrary URLs and reflecting the response back to the user. This issue only affects users who have Next.js SDK tunneling feature enabled. The problem has bee...
CVE-2023-46729
creationtimestamp| type| source ---|---|--- 2024-08-16 08:45:56+00:00| published-proof-of-concept| https://t.me/Rootsec2/1741...
CVE-2023-46729
CVE-2023-46729 affects the Sentry JavaScript SDK for Next.js tunneling. An unsanitized input in the Next.js SDK tunnel endpoint allows making HTTP requests to arbitrary URLs and reflecting the response back to the user, exposing potential SSRF risks. This issue is limited to users who have the Ne...
CVE-2023-46729 Sentry Next.js vulnerable to SSRF via Next.js SDK tunnel endpoint
sentry-javascript provides Sentry SDKs for JavaScript. An unsanitized input of Next.js SDK tunnel endpoint allows sending HTTP requests to arbitrary URLs and reflecting the response back to the user. This issue only affects users who have Next.js SDK tunneling feature enabled. The problem has bee...